Re: intermitant trafffic

[Jaap Keuter <jaap.keuter () xs4all nl>]

Hi,

He actually means dumpcap. Tshark, also a commandline tool, will do  
dissection as well, something you want to avoid in long term capture.

You do want to use multiple files though, to keep things managable.

Thanks,
Jaap

Send from my iPhone

On 15 feb 2010, at 18:30, "Terry Martin" <tmartin () timedatacorp com>  
wrote:

> The best way I know is to setup a constant capture using Tshark  
> where it is running and saves capture files.  Then when you are  
> notified, you can go back to that capture file and see what is going  
> on
>
>
>
> Terry Martin
>
> VP of Operation
>
> TimeData Corporation
>
> Phone: 503-678.2224
>
> Cell:      503.318.8909
>
>
>
>
>
>
>
> From: wireshark-users-bounces () wireshark org [mailto:wireshark-users- 
> bounces () wireshark org] On Behalf Of Ref Frazer
> Sent: Sunday, February 14, 2010 8:46 PM
> To: wireshark-users () wireshark org
> Subject: [Wireshark-users] intermitant trafffic
>
>
>
> I am a new user to wireshark. I have this problem where my network  
> is experiences a surge in traffic,  but by the time I get to the  
> protocol analyzer the data is gone. What is the best way to capture  
> this window with wireshark?
>
>
>
> ___________________________________________________________________________


> Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org 
> >
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe